tor-project

tor-project@lists.torproject.org

16 participants
2324 discussions

Tor Browser Weekly Meeting cancelled this week (2022-06-27)
by Richard Pospesel 26 Jun '22

26 Jun '22

Hi Everyone, This week is HackWeek, so we will be skipping our weekly Tor Browser meeting and meet again July 5th at 1100 UTC in #tor-meeting on OFTC IRC. best, -Richard

1 0

Tor's Hackweek starting June 27th at 1600 UTC
by gaba 26 Jun '22

26 Jun '22

Hola people! This week we are holding Tor's hack week. We will have people coming together to hack on several projects [0] proposed in the last few weeks. If you have any new proposal please submit it asap [1] before Monday 1600 UTC. So far we have 10 projects [0]. Each project has a pad [0] where you can find more information about it, who is on the team, and where people are going to meet during the week. All these projects will be presented on Monday at 1600 UTC in a BBB room [2]. You can add yourself to the pad of the team you want to collaborate with and ask any questions during the presentation on Monday. To summarize the presentation will be: Monday, June 27th at 1600 UTC ROOM: https://tor.meet.coop/gab-dpb-9zt-7tq happy hacking! gaba 0. https://gitlab.torproject.org/tpo/community/hackweek/#proposals-submitted-r… 1. https://hackweek.onionize.space/hackweek/ 2. https://tor.meet.coop/gab-dpb-9zt-7tq -- pronouns she/her/they GPG Fingerprint EE3F DF5C AD91 643C 21BE 8370 180D B06C 59CA BD19

1 0

Anti-censorship team meeting notes, 2022-06-23
by meskio 23 Jun '22

23 Jun '22

Hey everyone! Here are our meeting logs: http://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-23-15.58.html And our meeting pad: Anti-censorship work meeting pad -------------------------------- Next meeting: Thursday July 7 16:00 UTC Weekly meetings, every Thursday at 16:00 UTC, in #tor-meeting at OFTC (channel is logged while meetings are in progress) == Goal of this meeting == Weekly check-in about the status of anti-censorship work at Tor. Coordinate collaboration between people/teams on anti-censorship at Tor. == Links to Useful documents == * Our anti-censorship roadmap: * Roadmap: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/boards * The anti-censorship team's wiki page: * https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/home * Past meeting notes can be found at: * https://lists.torproject.org/pipermail/tor-project/ * Tickets that need reviews: from sponsors we are working on: * All needs review tickets: https://gitlab.torproject.org/groups/tpo/anti-censorship/-/merge_requests?s… * Sponsor 28 * must-do tickets: https://gitlab.torproject.org/groups/tpo/-/milestones/10 * possible tickets: https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… * Sponsor 96 * https://gitlab.torproject.org/groups/tpo/-/milestones/24 == Announcements == * Next week is hackweek, no ant-censorship meeting!!! == Discussion == * What is the status of adjusting snowflake (pion) DTLS signature to avoid blocking in Russia? (Based on offset of supported_groups extension.) * https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… * https://github.com/pion/dtls/pull/474 * https://ntc.party/t/webrtc/2174/21 * https://gitlab.torproject.org/tpo/community/support/-/issues/40050 (generally) * shell will do some research on what makes sense as infra for testing snowflake connections * do we want a second broker for testing? * or multi-pool support? * snowflake spike on metrics * https://metrics.torproject.org/userstats-bridge-combined.html?start=2022-03… * being looked at the metrics side: https://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/4… == Actions == https://gitlab.torproject.org/tpo/anti-censorship/bridgestrap/-/issues/32 == Interesting links == == Reading group == * We will discuss "" on * * Questions to ask and goals to have: * What aspects of the paper are questionable? * Are there immediate actions we can take based on this work? * Are there long-term actions we can take based on this work? * Is there future work that we want to call out in hopes that others will pick it up? == Updates == Name: This week: - What you worked on this week. Next week: - What you are planning to work on next week. Help with: - Something you need help with. cecylia (cohosh): last updated 2022-06-23 Last week: - got tor to bootstrap fully with conjure PT in test environment - testenv: https://gitlab.torproject.org/cohosh/phantombox - conjure PT: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… - ran a quick tutorial on reproducible snowflake/tor-browser builds This week: - work with conjure developers to get the PT working with the production conjure station Needs help with: dcf: 2022-06-16 Last week: - snowflake CDN bookkeeping https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Snowflake-co… - commented on dnstt pluggable transport client https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/trac… - commented on restarts for snowflake probetest https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow… Next week: - look at STATUS VERSION proposal https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/63 Help with: meskio: 2022-06-23 Last week: - gitlab implementation in gettor - metrics for gettor - test gettor-rdsys setup Next week: - deployment of rdsys-gettor Shelikhoo: 2022-06-23 Last Week: - [Merged & Deployed] Add Distributed Snowflake Server Support (snowflake!87) - [Merged] Distributed Snowflake Bridges (Javascript ver.) (snowflake-webext!29) - [Merged & Deployed] Implement metrics to measure snowflake churn (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…) (snowflake!95) - [Merge Request Awaiting] Add SOCKS5 forward proxy support to snowflake (snowflake!64) - [Discussion & Deployment] Migrating Controlling git repo to Tor Gitlab Instance (shelikhoo/LogCollectorAncillary#5) - [Research & Discussion] Discussion about the possibility of adding PT support to V2Ray to serve the role of HTTPT (https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/82) - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni result - [Deployment] Snowflake Broker Next Week: - [Coding & Deployment] Proposal: Centralized Probe Result Collector (anti-censorship/team#54) - [Research & Coding] WebSocket + CDN Based Probe Control Connection Forwarder (shelikhoo/LogCollectorAncillary#3) - [Investigate] China "Anti-Fraud" Webpage Redirection Censorship (censorship-analysis#40026): update the research based on updated ooni result Itchy Onion: 2022-06-23 Last week: - ongoing debugging s28 issues 81 - taking over part of testing snowflake This week: - ongoing debugging s28 issues 81, fixing a leaking file descriptor issue - taking over part of testing snowflake -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

1 0

TPA-RFC-33: monitoring requirements (draft)
by Antoine Beaupré 23 Jun '22

23 Jun '22

Hi, (Yes, I send a lot of emails today, sorry. :) As part of the Debian bullseye upgrade, we're considering an upgrade of our Icinga server or a replacement with Prometheus. Considering some of you actually use one or the other, as service admins, I would be grateful if you could review the draft requirements I have written here, in TPA-RFC-33: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-33-monito… I also need to write a "persona" for service admins, so input on that would be welcome. Comments are welcome in the issue: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40755 ... or by replying to this email, or as edits to the wiki page. Thanks! -- Antoine Beaupré torproject.org system administration

1 0

TPA-RFC-20: bullseye upgrade schedule
by Antoine Beaupré 23 Jun '22

23 Jun '22

Note: this proposal is also visible in: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-20-bullse… Summary: bullseye upgrades will roll out starting the first weeks of April and May, and should complete before the end of August 2022. Let us know if your service requires special handling. # Background Debian 11 [bullseye][] was [released on August 14 2021][]). Tor started the upgrade to bullseye shortly after and hopes to complete the process before the [buster][] EOL, [one year after the stable release][], so normally around August 2022. In other words, we have until this summer to upgrade *all* of TPA's machine to the new release. New machines that were setup recently have already been installed in bullseye, as the installers were changed shortly after the release. A few machines were upgraded manually without any ill effects and we do not consider this upgrade to be risky or dangerous, in general. This work is part of the [%Debian 11 bullseye upgrade milestone][], itself part of the [OKR 2022 Q1/Q2 plan][]. # Proposal The proposal, broadly speaking, is to upgrade all servers in three batches. The first two are somewhat equally sized and spread over April and May, and the rest will happen at some time that will be announced later, individually, per server. ## Affected users All service admins are affected by this change. If you have shell access on any TPA server, you want to read this announcement. ## Upgrade schedule The upgrade is split in multiple batches: * low complexity (mostly TPA): April * moderate complexity (service admins): May * high complexity (hard stuff): to be announced separately * to be retired or rebuilt servers: not upgraded * already completed upgrades The free time between the first two will also allow us to cover for unplanned contingencies: upgrades that could drag on and other work that will inevitably need to be performed. The objective is to do the batches in collective "upgrade parties" that should be "fun" for the team (and work parties *have* generally been generally fun in the past). ### Low complexity, batch 1: April A first batch of servers will be upgraded in the first week of April. Those machines are considered to be somewhat trivial to upgrade as they are mostly managed by TPA or that we evaluate that the upgrade will have minimal impact on the service's users. ``` archive-01 build-x86-05 build-x86-06 chi-node-12 chi-node-13 chives ci-runner-01 ci-runner-arm64-02 dangerzone-01 hetzner-hel1-02 hetzner-hel1-03 hetzner-nbg1-01 hetzner-nbg1-02 loghost01 media-01 metrics-store-01 perdulce static-master-fsn submit-01 tb-build-01 tb-build-03 tb-tester-01 tbb-nightlies-master web-chi-03 web-cymru-01 web-fsn-01 web-fsn-02 ``` 27 machines. At a worst case 45 minutes per machine, that is 20 hours of work. At three people, this might be doable in a day. Feedback and coordination of this batch happens in issue [tpo/tpa/team#40690][]. ### Moderate complexity, batch 2: May The second batch of "moderate complexity servers" happens in the first week of May. The main difference with the first batch is that the second batch regroups services mostly managed by service admins, who are given a longer heads up before the upgrades are done. ``` bacula-director-01 bungei carinatum check-01 crm-ext-01 crm-int-01 fallax gettor-01 gitlab-02 henryi majus mandos-01 materculae meronense neriniflorum nevii onionbalance-01 onionbalance-02 onionoo-backend-01 onionoo-backend-02 onionoo-frontend-01 onionoo-frontend-02 polyanthum rude staticiforme subnotabile ``` 26 machines. If the worst case scenario holds, this is another day of work, at three people. Not mentioned here is the `gnt-fsn` Ganeti cluster upgrade, which is covered by ticket [tpo/tpa/team#40689][]. That alone could be a few day-person of work. Feedback and coordination of this batch happens in issue [tpo/tpa/team#40692][] ### High complexity, individually done Those machines are harder to upgrade, due to some major upgrades of their core components, and will require individual attention, if not major work to upgrade. ``` alberti eugeni hetzner-hel1-01 pauli ``` Each machine could take a week or two to upgrade, depending on the situation and severity. To detail each server: * `alberti`: `userdir-ldap` is, in general, risky and needs special attention, but should be moderately safe to upgrade, see ticket [tpo/tpa/team#40693][] * `eugeni`: messy server, with lots of moving parts (e.g. Schleuder, Mailman), Mailman 2 EOL, needs to decide whether to migrate to Mailman 3 or replace with Discourse (and self-host), see [tpo/tpa/team#40471][], followup in [tpo/tpa/team#40694][] * `hetzner-hel1-01`: Nagios AKA Icinga 1 is end-of-life and needs to be migrated to Icinga 2, which involves fixing our git hooks to generate Icinga 2 configuration (unlikely), or rebuilding a Icinga 2 server, or replacing with Prometheus (see [tpo/tpa/team#29864][]), followup in [tpo/tpa/team#40695][] * `pauli`: Puppet packages are severely out of date in Debian, and Puppet 5 is EOL (with Puppet 6 soon to be). doesn't necessarily block the upgrade, but we should deal with this problem sooner than later, see [tpo/tpa/team#33588][], followup in [tpo/tpa/team#40696][] All of those require individual decision and design, and specific announcements will be made for upgrades once a decision has been made for each service. ### To retire Those servers are possibly scheduled for removal and may not be upgraded to bullseye at all. If we miss the summer deadline, they might be upgraded as a last resort. ``` cupani gayi moly peninsulare vineale ``` Specifically: * cupani/vineale is covered by [tpo/tpa/team#40472][] * gayi is [TPA-RFC-11: SVN retirement][], [tpo/tpa/team#17202][] * moly/peninsulare is [tpo/tpa/team#29974][] ### To rebuild Those machines are planned to be rebuilt and should therefore not be upgraded either: ``` cdn-backend-sunet-01 colchicifolium corsicum nutans ``` Some of those machines are hosted at a Sunet and need to be migrated elsewhere, see [tpo/tpa/team#40684][] for details. `colchicifolium` will is planned to be rebuilt in the `gnt-chi` cluster, no ticket created yet. They will be rebuilt in new bullseye machines which should allow for a safer transition that shouldn't require specific coordination or planning. ### Completed upgrades Those machines have already been upgraded to (or installed as) Debian 11 bullseye: ``` btcpayserver-02 chi-node-01 chi-node-02 chi-node-03 chi-node-04 chi-node-05 chi-node-06 chi-node-07 chi-node-08 chi-node-09 chi-node-10 chi-node-11 chi-node-14 ci-runner-x86-05 palmeri relay-01 static-gitlab-shim tb-pkgstage-01 ``` ### Other related work There is other work related to the bullseye upgrade that is mentioned in the [%Debian 11 bullseye upgrade milestone][]. # Alternatives considered We have not set aside time to automate the upgrade procedure any further at this stage, as this is considered to be a too risky development project, and the current procedure is fast enough for now. We could also move to the cloud, Kubernetes, serverless, and Ethereum and pretend none of those things exist, but so far we stay in the real world of operating systems. Also note that this doesn't cover Docker container images upgrades. Each team is responsible for upgrading their image tags in GitLab CI appropriately and is *strongly* encouraged to keep a close eye on those in general. We may eventually consider enforcing stricter control over container images if this proves to be too chaotic to self-manage. # Costs It is estimates this will take one or two person-month to complete, full time. # Approvals required This proposal needs approval from TPA team members, but service admins can request additional delay if they are worried about their service being affected by the upgrade. Comments or feedback can be provided in issues linked above. # Deadline Upgrades will start in the first week of April 2022 (2022-04-04) unless an objection is raised. This proposal will be considered adopted by then unless an objection is raised within TPA. # Status This proposal is currently in the `proposed` state. # References * [TPA bullseye upgrade procedure][] * [%Debian 11 bullseye upgrade milestone][] [TPA bullseye upgrade procedure]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bullseye/ [%Debian 11 bullseye upgrade milestone]: https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/5 [bullseye]: https://wiki.debian.org/DebianBullseye [released on August 14 2021]: https://www.debian.org/News/2021/20210814 [buster]: howto/upgrades/buster [one year after the stable release]: https://www.debian.org/security/faq#lifespan [OKR 2022 Q1/Q2 plan]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2022 [tpo/tpa/team#40690]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40690 [tpo/tpa/team#40692]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40692 [tpo/tpa/team#40693]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40693 [tpo/tpa/team#40471]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40471 [tpo/tpa/team#29864]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/29864 [tpo/tpa/team#33588]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/33588 [tpo/tpa/team#40684]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40684 [tpo/tpa/team#40694]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40694 [tpo/tpa/team#40695]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40695 [tpo/tpa/team#40696]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40696 [tpo/tpa/team#40472]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40472 [tpo/tpa/team#17202]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/17202 [TPA-RFC-11: SVN retirement]: policy/tpa-rfc-11-svn-retirement [tpo/tpa/team#29974]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/29974 [tpo/tpa/team#40689]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40689 -- Antoine Beaupré torproject.org system administration

1 4

minutes from the TPA meeting
by Antoine Beaupré 22 Jun '22

22 Jun '22

We exceptionnally did an early July meeting yesterday to make one last checkin while we're all there at once. Turns out I messed up scheduling and I overlooked that kez was AFK this week. Oops. Sorry kez! Anyways, here are the minutes. # Roll call: who's there and emergencies * anarcat * gaba * lavamind We had two emergencies, both incidents were resolved in the morning: * [failing CI jobs][] * [failed disk on fsn-node-01][] [failing CI jobs]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/incident/40806 [failed disk on fsn-node-01]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/incident/40805 # OKR / roadmap review [TPA OKRs][]: roughly 19% done * [mail services][]: 20%. TPA-RFC-15 was rejected, we're going to go external, need to draft TPA-RFC-31 * [Retirements][]: 20%. no progress foreseen before end of quarter * [codebase cleanup][]: 6%. often gets pushed to the side by emergencies, lots of good work done to update Puppet to the latest version in Debian, see https://wiki.debian.org/Teams/Puppet/Work * [Bullseye upgrades][]: 48%. still promising, hoping to finish by end of summer! * [High-performance cluster][]: 0%. no grant, nothing moving for now, but at least it's on the fundraising radar [Web OKRs][]: 42% done overall! * The donate OKR: is about 25% complete still, to start in next quarter * Translation OKR: still done * Docs OKR: no change since last meeting: * dev.tpo work hasn't started yet, might be possible to start depending on kez availability? @gaba needs to call for a meeting, followup in [tpo/web/dev#6][] * documentation improvement might be good for hack week [TPA OKRs]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2022 [web OKRs]: https://gitlab.torproject.org/tpo/web/team/-/wikis/roadmap/2022 [tpo/web/dev#6]: https://gitlab.torproject.org/tpo/web/dev/-/issues/6 # Dashboard review We looked at the team dashboards: * https://gitlab.torproject.org/tpo/tpa/team/-/boards/117 * https://gitlab.torproject.org/groups/tpo/web/-/boards * https://gitlab.torproject.org/groups/tpo/tpa/-/boards ... and per user dashboards: * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… * https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… Things seem to be well aligned for the vacations. We put in "backlog" the things that will *not* happen in June. # Vacation planning Let's plan 1:1 and meetings for july and august. Let's try to schedule 1:1s during the 2 week where anarcat is available, anarcat will arrange those by email. he will also schedule the meetings that way. We'll work on a plan for Q3 in mid-july, gaba will clean the web board. In the meantime, we're in "vacation mode" until anarcat comes back from vacation, which means we mostly deal with support requests and emergencies, along with small projects that are already started. # Icinga vs Prometheus anarcat presented a preliminary draft of TPA-RFC-33, presenting the background, history, current setup, and requirements of the monitoring system. lavamind will take some time to digest it and suggest changes. No further work is expected to happen on monitoring for a few weeks at least. # Other discussions We should review the Icinga vs Prometheus discussion at the next meeting. We also need to setup a new set of OKRs for Q3/Q4 or at least prioritize Q3 at the next meeting. # Next meeting Some time in July, to be determined. # Metrics of the month N/A we're not at the end of the month yet. # Ticket filing star of the month It has been suggested that people creating a lot of tickets in our issue trackers are "annoying". We strongly deny those claims and instead propose we spend some time creating a mechanism to determine the "ticket filing star" of the month, the person who will have filed the most (valid) tickets with us in the previous month. Right now, this is pretty hard to extract from GitLab, so it will require a little bit of wrangling with the GitLab API, but it's a simple enough task. If no one stops anarcat, he may come up with something like this in the Hackweek. Or something. -- Antoine Beaupré torproject.org system administration

1 0

UX team meeting notes, June 21st
by Duncan Larsen-Russell 22 Jun '22

22 Jun '22

Hello, Thanks to everyone who made it to yesterday's UX Team meeting. Please note that next week’s meeting has been cancelled for hackweek, however we’re looking forward to seeing you all again on Tuesday 5th of July instead. This week we announced a new project: S131 – Refactoring Tor Browser for Desktop, celebrated the publication of the annual report, took care of various team admin tasks, and discussed everyone’s plans for hackweek (which takes place next week). Here are the minutes: https://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-21-15.59.lo… <https://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-21-15.59.lo…> *** == User Experience Team Meeting == UX Team meetings happen every Tuesday at 1600 UTC in #tor-meeting on OFTC. Here are the logs from our meeting on June 21st: https://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-21-15.59.lo… <https://meetbot.debian.net/tor-meeting/2022/tor-meeting.2022-06-21-15.59.lo…> == Useful links == About the UX Team: https://gitlab.torproject.org/tpo/ux/team <https://gitlab.torproject.org/tpo/ux/team> UX repository: https://gitlab.torproject.org/tpo/ux <https://gitlab.torproject.org/tpo/ux> UX roadmap: https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=… <https://www.figma.com/file/n4ETd0cUkcfj3KyclJQnt3/UX-Team-Planning?node-id=…> UX kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&…> Team kanban: https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX… <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&label_name[]=UX…> == Meetbot commands == - #startmeeting UX Team Weekly Meeting - #endmeeting --------------------------- Tuesday June 21st @ 16:00 UTC --------------------------- == What projects are we working on? == S9 – Usability and Community Intervention on Support for Democracy and Human Rights https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S30 – Empowering Communities in the Global South to Bypass Censorship https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&… <https://gitlab.torproject.org/groups/tpo/-/issues?scope=all&utf8=%E2%9C%93&…> S96 – Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet https://gitlab.torproject.org/groups/tpo/-/milestones/24 <https://gitlab.torproject.org/groups/tpo/-/milestones/24> S101 – Tor VPN Client for Android https://gitlab.torproject.org/groups/tpo/-/milestones/32 <https://gitlab.torproject.org/groups/tpo/-/milestones/32> S123 – Tor Secure Access Package for USAGM https://gitlab.torproject.org/groups/tpo/-/milestones/34 <https://gitlab.torproject.org/groups/tpo/-/milestones/34> S131 – Refactoring Tor Browser for Desktop https://gitlab.torproject.org/groups/tpo/applications/-/milestones/ <https://gitlab.torproject.org/groups/tpo/applications/-/milestones/8>8 <https://gitlab.torproject.org/groups/tpo/applications/-/milestones/8> == Announcements == New project: S131 – Refactoring Tor Browser for Desktop https://gitlab.torproject.org/groups/tpo/applications/-/milestones/ <https://gitlab.torproject.org/groups/tpo/applications/-/milestones/8>8 <https://gitlab.torproject.org/groups/tpo/applications/-/milestones/8> The Tor Project 2020-2021 Annual Report https://blog.torproject.org/2020-2021-annual-report/ <https://blog.torproject.org/2020-2021-annual-report/> Volunteer as an alpha tester https://blog.torproject.org/vounteer-as-an-alpha-tester/ <https://blog.torproject.org/vounteer-as-an-alpha-tester/> == Agenda == Evergreen items: 1. Announcements 📣 2. Weekly planning 📅 3. Check-in with user support 💬 Discussion items for this week only: 4. Nicob joining S30 & S9 syncs: - Nicob to join S30 immediately to share updates about bridges.torproject.org - Nicob to join S9 once Phase 6 commences 5. Potential new contractor for the UX Team: – Please have a think about the kind of things you could use help with - Bring your list to our 1:1 on Friday 6. Friday 1:1s: – Let's make the 15 minute overlap semi-permanent :) - This means Nicob will join 15 mins early - Nah and donuts will also discuss UR goals for the next 6/12 months 7. Hackweek: - Starts next week (27 June) – Please remember to pick a or submit your own (https://hackweek.onionize.space/ <https://hackweek.onionize.space/>) this week! == Weekly planning == Note: Please highlight anything you'd like to discuss below in **bold** duncan/donuts Last week (actual): - Began coordinating the 11.5 release - Responded to legacy Tor Browser tickets uncovered during ticket triage This week (planned): - Transcribe VPN interview from last week - Check bridge-moji shortlist for compatibility issues in tor-browser#40860 - Add hackweek project to https://hackweek.onionize.space/ <https://hackweek.onionize.space/> - Continue responding to legacy Tor Browser tickets Nah Last week (actual): - S101 features interviews - Transcribed S101 interviews - S96 testing and interview (Connect Assist - TB Alpha) - Reviewed feedback materials for S9 partners - many 1:1 calls to explain feedback materials (S9) This week (planned): - Final adjustments on User Research materials (s9) - Create a plan to publish and adapt the materials for localization (s9) - Start collecting feedback from trainers (s9) - More 1:1 calls to introduce trainers to user feedback (s9) - AWJ training (s9) - Schedule interview and testing (s96) (s101) - Finish transcribing interviews (s101) - Start interview and test analysis (s101) (s96) - Align User Research Plan for Q3/Q4 (s30) Nicob Last week (actual): - Update graphics for AWJ trainings - S30: Second round of amends, continued QA work on BridgeDB pages with Kez - Browser icons: final svg export - Starting work on social teasers/graphics for Tor Browser 11.5 release This week (planned): - S30: Continue QA work on BridgeDB pages with Kez - USAGM: Continue working on graphics for social previews - Continue work on telegram bot graphics - Continue workshopping tor network icon for browser - Continue work on social teasers/graphics for Tor Browser 11.5 release Joydeep Check-in with user support: - finished all updates to TB manual wrt 11.5 (alpha) ticket: https://gitlab.torproject.org/tpo/web/manual/-/issues/119 <https://gitlab.torproject.org/tpo/web/manual/-/issues/119> preview the changes: https://championquizzer.pages.torproject.net/manual/ <https://championquizzer.pages.torproject.net/manual/> - published alpha testers call on Forum to test Connection Assist in TB Alpha: https://forum.torproject.net/t/help-us-test-the-new-connection-assist-in-to… <https://forum.torproject.net/t/help-us-test-the-new-connection-assist-in-to…> - a few user reports of https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40536 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40536> == Open Call for User Research == Find out how to contribute to the UX team: https://community.torproject.org/user-research/how-to-volunteer/ <https://community.torproject.org/user-research/how-to-volunteer/> Thanks everyone! *** Duncan Larsen-Russell Product Manager & UX Team Lead duncan(a)torproject.org <mailto:duncan@torproject.org>

1 0

GitLab Runner updates
by Antoine Beaupré 21 Jun '22

21 Jun '22

Hello! We're making changes to the GitLab CI infrastructure you should know about. TL;DR: new OSUOSL runners, tags are now lowercase, clarification on the "tpa" tag. First, we're adopting a few CI runners provided by the good people at OSUOSL. Two new amd64 runners are joining the fleet and will be executing untagged jobs across our instance. This should help relieve the pressure on our existing runners, specifically related to delays in job processing when large simulations would run. In addition, we also gain three new runners running on arm64, ppc64le and s390x architectures, again from OSUOSL. Secondly, we've updated the tags on our existing runners in order for both TPA and OSUOSL runners to improve consistency. In short, we've lower-cased the former "Linux" and "TPA" tags, which are now "linux" and "tpa". If you have CI jobs with the old uppercase tags, please make sure to update your .gitlab-ci.yml files. Also refer to the CI documentation for further details on the available tags: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/ci#runner-tags Finally, note that the OSUOSL runners are *not* marked "tpa", because we do not manage the underlying virtual machines. In that sense they are slightly less "trusted" because we do not control the runner's configuration, so if you want to limit certain jobs to those "trusted" runners, be sure to limit your jobs to the `tpa` tag. In general, you shouldn't really *trust* GitLab or GitLab CI for anything else than running tests. Builds should be verified out of band with reproducible builds. You can reproduce a local GitLab CI environment by installing gitlab-runner and executing jobs locally, without having to trust the entire GitLab installation or foreign runners. As a reminder, it is your responsibility to ensure the integrity of your code and artifacts, see those links for a further discussion: https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/81 https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/gitlab#git-reposit… https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/git#security-conce… This work was done as part of this ticket: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40780 Feedback is welcome there, but new issues should probably be reported in a new ticket. In any case, let us know if anything seems off. A. PS: Note that those runners are not *yet* online, but we expect them to become live within a few days. The above ticket will be updated when that happens. -- Antoine Beaupré torproject.org system administration

2 3

Tor Browser Meeting moved to 2022-06-21
by Richard Pospesel 19 Jun '22

19 Jun '22

Hi Everyone, As Juneteenth is an official Tor Project holiday, we will be moving our weekly meeting back a day to Tuesday (2022-06-21) at 1100 UTC in #tor-meeting on OFTC IRC. best, -Richard

1 0

Measuring DoT/DoH Blocking Using OONI Probe: A Preliminary Study
by Maria Xynou 17 Jun '22

17 Jun '22

Hello Tor folks, I'm reaching out to share the following which may be of interest: Last year, OONI wrote a research paper ("*Measuring DoT/DoH Blocking Using OONI Probe: A Preliminary Study*") which was presented at the Network and Distributed System Security Symposium (NDSS'21) as part of the DNS Privacy Workshop. You can read this paper here: https://www.ndss-symposium.org/wp-content/uploads/dnspriv21-02-paper.pdf This study involves an *investigation of encrypted DNS (DoT & DoH) blocking in Kazakhstan, Iran, and China* with a new OONI Probe experiment (DNSCheck). Today, we're publishing a blog post with a *summary of findings* (and video presentation): https://ooni.org/post/2022-doh-dot-paper-dnsprivacy21/ You can also find a summary of findings through this Twitter thread: https://twitter.com/OpenObservatory/status/1537764247442268161 You can help contribute measurements on encrypted DNS blocking by running OONI Probe: https://ooni.org/install Thanks, Maria.

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project